Cybersecurity Analyst

Type of Requisition:

Regular

Clearance Level Must Currently Possess:

Top Secret/SCI

Clearance Level Must Be Able to Obtain:

Top Secret/SCI

Suitability:

Public Trust/Other Required:

None

Job Family:

Cyber Security

Job Qualifications:

Skills:

Cybersecurity, Information Systems, Risk Management Framework

Certifications:

CISSP - ISC2

Experience:

5 + years of related experience

US Citizenship Required:

Yes

Job Description:

GDIT has an opportunity for a Cybersecurity Analyst to support our customer in Wiesbaden, Germany.  The individual will play a critical role in ensuring the confidentiality, integrity, and availability of information and resources to support the warfighter. The Cybersecurity Analyst assists the ISSM to ensure that Risk Management Framework authorization packages are prepared and maintained in accordance with (IAW) the DoDI 8510.01 Risk Management Framework (RMF) for DoD Information Technology (IT). 

The Analyst will register systems in APMS, create and maintain A&A packages in eMASS, tenant security plans, COOP/DRP and SOPs, perform and analyze ACAS scans, review STIGs, and collect artifacts to ensure compliance with NIST SP 800-53 and CNSSI 1253.The Analyst will ensure all RMF controls for accreditation are tested and documented in order to achieve an applicable authorization for all required systems, software and hardware throughout the system lifecycle.

HOW A CYBER SECURITY ANALYST SENIOR WILL MAKE AN IMPACT

• Manage Assess Only, Assess and Authorize, and Authority to Connect RMF Authorizations and continuous monitoring efforts in the Enterprise Mission Assurance Support Service (eMASS) system throughout the system lifecycle.

• Perform RMF Assessment and Authorization (A&A) Self Assessments and Annual Reviews.

• Collaborate with internal and external agency personnel to ensure actions are completed as necessary.

• Perform pre-validation A&A testing, documentation and review to validate cybersecurity policy, regulations, Security Technical Implementation Guide (STIG), and Best Business Practice (BBP) compliance.

• Lead self-assessments of information systems for program elements.

• Partner with security control validation and cybersecurity inspection teams during audits.

• Develop and maintain Risk Management Framework (RMF) Body of Evidence (BoE) artifacts to include system security plans, contingency plans, Plan of Actions and Milestones (POAMs) and Standard Operating Procedures for all systems under their responsibility.

• Assist with implementation of countermeasures or mitigating controls.

• Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies by monitoring vulnerability scanning devices.

• Perform periodic and on-demand system audits and vulnerability assessments including user accounts, application, and file access to determine compliance manually or with automated tools such as EvaluateSTIG, AESS, SCAP and ACAS.

• Conduct vulnerability reporting and guidance to administrators for remediation actions for all information system assets under the customer’s responsibility and provide custom reports as necessary.

• Provide guidance to and collaborate with team members and staff to achieve greater level of compliance.

• Notify the government of any suspected incidents in a timely manner, and assist in the containment, analysis, and reporting of incidents and information spillages as necessary

• Maintain current knowledge of relevant technology as assigned.

• Advise system owner and ISSM regarding security considerations for new and existing information systems throughout the entire lifecycle.

• Perform security impact analysis for configuration changes and attend Change Control Board Meetings to inform stakeholders and board members of findings.

• Participate in special projects as required.

• May serve as a task leader.​

WHAT YOU’LL NEED TO SUCCEED:

• Security Clearance Level:  TS/SCI clearance required.

• Education: Equivalent combination of education, professional training or work experience can be substituted for degree requirement.

• Required Experience: 5+ years of experience and a bachelor’s degree in computer science or a related technical discipline

• Required Technical Skills: Experience with EvaluateSTIG, AESS, SCAP and ACAS. Effective communication skills and technical writing skills are required for this position. Experience performing pre-validation A&A testing, documentation and review to validate cybersecurity policy, regulations, Security Technical Implementation Guide (STIG), and Best Business Practice (BBP) compliance.

• Location: Wiesbaden Germany

• Certifications: DoD 8570 IAM III required at the time of hiring.

GDIT IS YOUR PLACE:

• 401K with company match

• Comprehensive health and wellness packages

• Internal mobility team dedicated to helping you own your career

• Professional growth opportunities including paid education and certifications

• Cutting-edge technology you can learn from

• Rest and recharge with paid vacation and holidays

The likely salary range for this position is $97,750 - $132,250. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Total compensation for international positions varies by tax, social security, and immigration statuses, as well as location. Generally, an international assignment may include allowances, premium uplifts, and/or relocation or transportation benefits, above base salary range noted.

Scheduled Weekly Hours:

40

Travel Required:

Less than 10%

Telecommuting Options:

Onsite

Work Location:

DEU Wiesbaden - Wiesbaden Army Airfield (APC180)

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.